package com.woc.boot.admin.controller;

import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.woc.boot.admin.entity.Response;
import com.woc.boot.srv.model.WocPermission;
import com.woc.boot.srv.model.WocUsers;
import com.woc.boot.srv.service.WocPermissionService;
import com.woc.boot.srv.service.WocUsersService;

/**
 * 登录认证
 * 
 * @author     woc
 * @date       2024-01-26 
 * @version    0.0.1
 */
@RestController
@RequestMapping(value = "/auth")
public class AuthController {

    @Autowired
    private WocUsersService wocUsersService;
    @Autowired
    private WocPermissionService wocPermissionService;

    @RequestMapping(value = {"/login"}, method = RequestMethod.GET)
    public Object login() {
        ModelAndView mav = new ModelAndView();
        mav.setViewName("auth/login");
        return mav;
    }

    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ResponseBody
    public Object login(@RequestParam(required = true) String name,
                       @RequestParam(required = true) String password,
                       HttpServletRequest request) {
        Response<Map<String, Object>> response = new Response<Map<String, Object>>();
        if (StringUtils.isBlank(name) || StringUtils.isBlank(password)) {
            return response.withError("用户名或密码为空");
        }
        QueryWrapper<WocUsers> wrapper = new QueryWrapper<>();
        if (StringUtils.isNotBlank(name)) {
            wrapper.eq("name", name);
        }
        WocUsers user = wocUsersService.getOne(wrapper);
        if (user == null) {
            return response.withError("用户名不存在");
        }
        password = DigestUtils.md5DigestAsHex(password.getBytes());
        if (user != null && !user.getPass().equals(password)) {
            return response.withError("用户名或密码不正确");
        }
        HttpSession session = request.getSession();
        if (session == null) {
            return response.withError("登录失败");
        }
        session.setAttribute("userName", user.getName());
        //获取权限
        QueryWrapper<WocPermission> pwrapper = new QueryWrapper<>();
        pwrapper.eq("rid", user.getRid());
        WocPermission exist = wocPermissionService.getOne(pwrapper);
        session.setAttribute("userPerm", exist.getPerm());
        return response.withOk();
    }

    @RequestMapping(value = "/logout", method = RequestMethod.GET)
    @ResponseBody
    public Object logout(HttpServletRequest request) {
        Response<String> response = new Response<String>();
        HttpSession session = request.getSession();
        if (session == null) {
            return response.withError("注销失败");
        }
        session.removeAttribute("userName");
        session.removeAttribute("userPerm");
        return response.withOk("注销成功");
    }

}
